How To Quickly Secure A CentOS Web Server

If you are a system administrator, you must have come across CentOS at some point in your career. The open-source Linux distribution is popular for its stability and reliability in server environments. CentOS, which stands for Community ENTerprise Operating System, is based entirely on the Red Hat Enterprise Linux (RHEL) distribution. Though you need to pay for a RHEL license, CentOS comes free as in free beer and can be distributed amongst peers. The distribution is quite popular, with almost 30% of all Linux web servers using it, and yes, you can install the distribution right away via a live CD or a live USB.

These days, if you buy cloud-based server space, you get to choose which operating system is loaded on it. If you choose Linux, most hosting companies provide CentOS as the distribution. Once it is set up, you need to seal any vulnerabilities and openings that come with the default installation and make sure that your server won’t be hacked.

To access your server, you’ll need to SSH to the IP address and log in as root. In this article, we’ll show you a few of the most important steps in securing a CentOS server. Note that this article doesn’t cover everything that is required to harden a server; however, for a small-scale to medium-scale setup, this security is enough at times.

Step 1: Do a yum upgrade and back up the list of packages installed

#yum upgrade
#yum list installed >> ~/installed.txt

These commands will ensure that all packages are up to date and that we have a backup of the list of all installed packages.

Step 2: Add a new user so that we won’t have to log in via root the next time

Using the computer as root is one of the riskiest things to do on a Linux web server. So first, we’ll create a new user and then we will give it all admin privileges.

#/usr/bin/visudo

Then once visudo opens up, uncomment the following line:

%wheel ALL=(ALL) ALL

Press the Escape key followed by :wq to close the editor.

#useradd techsource
#passwd techsource

Here, you can set a new password for the user named techsource. Make sure that you create a strong password, one that is hard to guess.

Then type the following command to add techsource to the group wheel:

#gpasswd -a techsource wheel

Now we have created a new user called techsource that can, through sudo, execute all the commands that root can.

Step 3: Disable root access via SSH

This is an important step. Once you have added a new user, you have to make sure that the next time you log in, root is denied direct access. This ensures that an attacker won’t be able to log in via SSH by simply guessing the root password; he or she also has to guess the username.

###############################################################
# Authorized access only! #
# Disconnect IMMEDIATELY if you are not an authorized user!!! #
# All actions Will be monitored and recorded #
###############################################################

Close the file using Escape + :wq and enter the following command:

#/etc/init.d/sshd restart
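
Steps 2 and 3 depend on each other: if root login is disabled before the new user can actually use sudo, the server is locked out. The following read-only check is an added example, not part of the original article; it assumes root SSH login is controlled by OpenSSH's PermitRootLogin keyword in /etc/ssh/sshd_config (neither is named on this page), and the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: read-only checks for Steps 2 and 3. File paths are arguments,
# so the checks can be run against copies; the sample files are constructed.

# Effective global PermitRootLogin value: sshd uses the first occurrence of a
# keyword, and keywords are case-insensitive. Prints "unset" when it is absent.
effective_root_login() {
    awk 'tolower($1) == "match" { exit }   # global section ends at first Match
         tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
         END { if (!found) print "unset" }' "$1"
}

# True when the "%wheel ALL=(ALL) ALL" rule is uncommented in a sudoers file.
wheel_rule_active() {
    grep -Eq '^[[:space:]]*%wheel[[:space:]]+ALL=\(ALL\)[[:space:]]+ALL[[:space:]]*$' "$1"
}

# True when user $1 is a member of wheel according to group file $2.
user_in_wheel() {
    awk -F: -v u="$1" '$1 == "wheel" { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) ok = 1 }
         END { exit !ok }' "$2"
}

# Verdict for user $1 given sshd_config $2, sudoers $3 and group file $4.
audit() {
    if ! wheel_rule_active "$3" || ! user_in_wheel "$1" "$4"; then
        echo "LOCKOUT-RISK: $1 cannot sudo; fix Step 2 before disabling root login"
    elif [ "$(effective_root_login "$2")" = "no" ]; then
        echo "OK: root SSH login disabled, $1 can sudo"
    else
        echo "WEAK: PermitRootLogin is $(effective_root_login "$2")"
    fi
}

# Constructed sample files (not taken from a real server).
d=$(mktemp -d)
printf '%s\n' '#PermitRootLogin yes' 'permitrootlogin no' 'PermitRootLogin yes' > "$d/sshd_good"
printf '%s\n' '#PermitRootLogin no' 'Port 22' > "$d/sshd_default"
printf '%s\n' 'root ALL=(ALL) ALL' '%wheel ALL=(ALL) ALL' > "$d/sudoers_on"
printf '%s\n' 'root ALL=(ALL) ALL' '# %wheel ALL=(ALL) ALL' > "$d/sudoers_off"
printf '%s\n' 'root:x:0:' 'wheel:x:10:techsource' > "$d/group"

audit techsource "$d/sshd_good"    "$d/sudoers_on"  "$d/group"
audit techsource "$d/sshd_default" "$d/sudoers_on"  "$d/group"
audit techsource "$d/sshd_good"    "$d/sudoers_off" "$d/group"
```

On a real server, run audit as root against /etc/ssh/sshd_config, /etc/sudoers and /etc/group, and keep the current root session open until a login as the new user has been confirmed. PermitRootLogin lines inside Match blocks are not evaluated by this check.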